EP1978463A3 - Safety module for a franking machine - Google Patents

Safety module for a franking machine Download PDF

Info

Publication number
EP1978463A3
EP1978463A3 EP08075092A EP08075092A EP1978463A3 EP 1978463 A3 EP1978463 A3 EP 1978463A3 EP 08075092 A EP08075092 A EP 08075092A EP 08075092 A EP08075092 A EP 08075092A EP 1978463 A3 EP1978463 A3 EP 1978463A3
Authority
EP
European Patent Office
Prior art keywords
memory
core
kernel
security
processor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP08075092A
Other languages
German (de)
French (fr)
Other versions
EP1978463A2 (en
Inventor
Volker Baum
Dirk Rosenau
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Francotyp Postalia GmbH
Original Assignee
Francotyp Postalia GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Francotyp Postalia GmbH filed Critical Francotyp Postalia GmbH
Publication of EP1978463A2 publication Critical patent/EP1978463A2/en
Publication of EP1978463A3 publication Critical patent/EP1978463A3/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00741Cryptography or similar special procedures in a franking system using specific cryptographic algorithms or functions
    • G07B2017/00774MAC (Message Authentication Code), e.g. DES-MAC
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00741Cryptography or similar special procedures in a franking system using specific cryptographic algorithms or functions
    • G07B2017/00782Hash function, e.g. MD5, MD2, SHA

Abstract

Die Erfindung betrifft ein Sicherheitsmodul für die elektronische Datenverarbeitung, mit einem Sicherheitskern umfassend einen Kernprozessor, sowie hiermit verbunden, einen Kernspeicher und ein Kerninterface, wobei der Kernprozessor dafür eingerichtet ist, Programme/Datensätze , über das Kerninterface zu importieren, zu verifizieren und bei erfolgreicher Verifikation im Kernspeicher zu speichern und zu aktivieren. Sie ist dadurch gekennzeichnet, dass der Sicherheitskern über das Kerninterface mit einem außerhalb des Sicherheitskernes angeordneten Massenspeicher des Sicherheitsmoduls verbunden ist, wobei die Speicherkapazität des Massenspeichers ein Vielfaches der Speicherkapazität des Kernspeichers beträgt, dass der Kernprozessor dazu eingerichtet ist, in den Massenspeicher geladene Programme/Datensätze für eine Programmausführung partitioniert in den Kernspeicher zu importieren, zu verifizieren und zu aktivieren, und dass der Kernprozessor dafür eingerichtet ist, für die Programmausführung nicht benötigte und in dem Kernspeicher gespeicherte partitionierte Programme/Datensätze zu authentifizieren und in den Massenspeicher zu exportieren und/oder im Kernspeicher zu löschen.

Figure imgaf001
The invention relates to a security module for electronic data processing, comprising a security core comprising a core processor, as well as a core memory and a core interface, the core processor being adapted to verify programs / data records via the core interface and upon successful verification store and activate in core memory. It is characterized in that the security kernel is connected via the core interface to a mass memory of the security module arranged outside the security kernel, wherein the storage capacity of the mass memory is a multiple of the memory capacity of the core memory, that the core processor is adapted to programs / data records loaded into the mass memory partitioned into kernel memory for import, verification and activation of a program execution, and the kernel processor is adapted to authenticate and export to the mass storage memory and / or in the partition memory programs / records unused to program execution and stored in the core memory Core memory to delete.
Figure imgaf001
EP08075092A 2007-04-02 2008-02-06 Safety module for a franking machine Withdrawn EP1978463A3 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE102007016170A DE102007016170A1 (en) 2007-04-02 2007-04-02 Security module for a franking machine

Publications (2)

Publication Number Publication Date
EP1978463A2 EP1978463A2 (en) 2008-10-08
EP1978463A3 true EP1978463A3 (en) 2010-06-02

Family

ID=39580168

Family Applications (1)

Application Number Title Priority Date Filing Date
EP08075092A Withdrawn EP1978463A3 (en) 2007-04-02 2008-02-06 Safety module for a franking machine

Country Status (4)

Country Link
US (1) US20080244217A1 (en)
EP (1) EP1978463A3 (en)
CA (1) CA2627255A1 (en)
DE (1) DE102007016170A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102011002703A1 (en) * 2011-01-14 2012-07-19 Siemens Aktiengesellschaft Method and device for providing a cryptographic key for a field device
DE102011002706B4 (en) * 2011-01-14 2013-12-19 Siemens Aktiengesellschaft Device and method for protecting a security module against manipulation attempts in a field device
EP2626804B1 (en) * 2012-02-09 2017-09-13 Inside Secure Method for managing memory space in a secure non-volatile memory of a secure element
US10102889B2 (en) 2012-09-10 2018-10-16 Texas Instruments Incorporated Processing device with nonvolatile logic array backup
DE102013202001B4 (en) 2013-02-07 2017-08-10 Bundesdruckerei Gmbh A method of providing a mobile terminal with an authentication certificate
US10382410B2 (en) * 2016-01-12 2019-08-13 Advanced Micro Devices, Inc. Memory operation encryption

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19782169C2 (en) * 1996-12-12 2001-09-06 Intel Corp Cryptographically protected paging subsystem
WO2005091108A1 (en) * 2004-03-19 2005-09-29 Nokia Corporation Secure mode controlled memory

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5027397A (en) 1989-09-12 1991-06-25 International Business Machines Corporation Data protection by detection of intrusion into electronic assemblies
DE59710554D1 (en) 1996-01-31 2003-09-18 Francotyp Postalia Ag franking machine
US5901225A (en) * 1996-12-05 1999-05-04 Advanced Micro Devices, Inc. System and method for performing software patches in embedded systems
DE10137505B4 (en) 2001-07-16 2005-06-23 Francotyp-Postalia Ag & Co. Kg Arrangement and method for changing the functionality of a security module
US20030196096A1 (en) * 2002-04-12 2003-10-16 Sutton James A. Microcode patch authentication
US7370210B2 (en) * 2002-11-18 2008-05-06 Arm Limited Apparatus and method for managing processor configuration data
DE102004063812A1 (en) * 2004-12-30 2006-07-13 Francotyp-Postalia Ag & Co. Kg Method for preparing data for loading into a data processing device
US20060294496A1 (en) * 2005-06-27 2006-12-28 Bea Systems, Inc. System and method for improved web portal design through control tree file creation

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19782169C2 (en) * 1996-12-12 2001-09-06 Intel Corp Cryptographically protected paging subsystem
WO2005091108A1 (en) * 2004-03-19 2005-09-29 Nokia Corporation Secure mode controlled memory

Also Published As

Publication number Publication date
US20080244217A1 (en) 2008-10-02
EP1978463A2 (en) 2008-10-08
CA2627255A1 (en) 2008-10-02
DE102007016170A1 (en) 2008-10-09

Similar Documents

Publication Publication Date Title
EP1978463A3 (en) Safety module for a franking machine
CN108572791A (en) Data storage device and data maintenance method thereof
EP1881466A3 (en) Gaming security system
CN101305386B (en) Portable auxiliary storage device
EP1744247A3 (en) Optimized startup verification of file system integrity
CN105426315B (en) Method for maintaining entity storage comparison table and device using same
CN104346288B (en) Method for managing a memory device, memory device and controller
TW200632922A (en) High speed programming system with reduced over programming
CN104346292B (en) method for managing a memory device, memory device and controller
RU2005106847A (en) DYNAMIC ENERGY INDEPENDENT MEMORY WITH RANDOM ACCESS
WO2008016718A3 (en) Verifying data integrity in a data storage device
JP2010508578A5 (en)
TW200745905A (en) Random password automatically generated by bios for securing a data storage device
CN109189612A (en) Log processing method and electronic equipment when a kind of linux kernel exception
WO2007143398A3 (en) Verify operation for non-volatile storage using different voltages
US20150119137A1 (en) Methods and systems for conducting on-line tournaments
CN107291377A (en) Data storage device and data maintenance method thereof
WO2009153435A3 (en) Device and method for checking the integrity of physical objects
CN102236751A (en) Computer system with safety lock and method for implementing safety lock
EP1722336A3 (en) Data generating device and method for initialising security data carriers
TW200732911A (en) Memory access method
DE20304040U1 (en) Memory card with multiple interfaces and memory control chip with capacity for double interface to memory interface and to USB or IEEE-1394 interface
CN102426638B (en) Chip reading method and encryption method
CN105320580B (en) Data storage system with protecting information safety
CN106155581B (en) Data storage device and data maintenance method thereof

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA MK RS

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA MK RS

17P Request for examination filed

Effective date: 20101201

AKX Designation fees paid

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR

17Q First examination report despatched

Effective date: 20110608

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20111019